Info About the Sex Lives and Medical Histories of Millions of Federal Workers Is in Hackers’ Hands

Guys.francisblack/iStock


Update (7/10/2015): OPM director Katherine Archuleta resigned on Friday morning. “I believe it is best for me to step aside and allow new leadership that will enable the agency to move beyond the current challenges,” she said in statement. Archuleta insisted on Thursday that she would not step down, but news that the OPM hack had affected millions more people than previously stated led a growing number of members of Congress to call for her firing. Republican presidential candidate Jeb Bush even released an ad slamming Archuleta on Friday.

The federal government announced on Thursday that—yet again—the huge hacks of sensitive government personnel records revealed last month are even bigger than previously thought.

Officials now say that information on 21.5 million people was stolen—more than 19 million security clearance applications, plus other sensitive data such as fingerprint records from another 2 million people who know or are related to the applicants. They told the Washington Post it’s now “highly likely” that the hackers, likely working for China, stole every such application submitted since 2000 to the Office of Personnel Management, which conducts security clearance investigations for almost all government agencies. Intelligence agencies like the CIA and National Security Agency do their own checks into potential clearance holders.

Even before Thursday’s announcement, current and former government officials were calling the stolen applications, which include highly personal and  potentially damaging data such as medical histories, records of drug use, and the names of foreign contacts, an intelligence goldmine for China or other potential perpetrators. “That they have all this clearance information is a disaster,” Joel Brenner, a former top U.S. counterintelligence official, told the Associated Press last month. FBI director James Comey told the Senate Intelligence Committee on Wednesday that the hack is a “huge deal.”

Officials previously admitted the hackers had taken up to 18 million of the applications, in addition to 4.2 million social security numbers that were stolen in a separate data breach. But even with the new, higher numbers revealed on Thursday, OPM Director Katherine Archuleta told reporters that she would not resign her post.